By Rupert White
The Department for Constitutional Affairs (DCA), the Crown Prosecution Service (CPS) and the Courts Service have never fully checked their compliance with the Data Protection Act - despite the legislation being in place for more than six years.
According to documents obtained by the Gazette under the Freedom of Information Act, neither the DCA, the CPS nor the Courts Service has ever done a full audit as to whether they correct or maintain personal information in accordance with the law.
Compliance with the Act is overseen by the Information Commissioner's Office, an agency of the DCA. It told the Gazette it 'encourages organisations to review their policies and procedures regularly to ensure they are compliant' and 'organisations must ensure staff are following those policies and procedures in practice'.
But without auditing, departments cannot measure if staff are following
procedures. The CPS's case management system holds sensitive information on people being prosecuted, the Courts Service holds records of court cases in progress, and the DCA holds a vast amount of information on workers and the public. When the ICO was told of the DCA's lack of auditing, a spokesman said there is 'no legal requirement' to audit.
Dr Chris Pounder, a data protection specialist at national firm Pinsent Masons, said Whitehall should move towards privacy impact assessments (PIAs) as a way of reassuring the public and making sure justice is seen to be done well.
'A PIA is normally done to ensure the Act is integrated into standard procedures and systems development. The audit function is there to assure the public that controls are in place. The two go hand in hand.'
Dr Pounder pointed out that in the legal system evidence is assessed in open court, thereby in theory stopping erroneous data being used in assessing cases. But mistakes happen due to incorrect data, such as the allocation of county court judgements to the wrong individual.
The CPS told the Gazette it had conducted some 'mini audits' and was 'compliant with data protection principles'. The DCA insisted it is 'fully committed' to compliance with the Act.
More from News
-
NewsEx-Whitehall high-flier named as new SRA chief executive
Former top civil servant, a non-lawyer, will succeed Paul Philip later this year.
-
NewsThree more firms hit with AML fines by SRA, as changes loom
One of the fines was over £23k, becoming one of dozens of firms to be hit with five-figure fines.
-
NewsInsolvency litigation finance firm thrilled by record revenues
Manolete Partners celebrated numerous records in the last financial year as UK insolvencies continue to soar.
Partnership
Charity Explorer provides a reputable reference tool for solicitors, will-writers and their clients who want to leave a legacy or charitable gift.
Visit Charity Explorer
Whether you are looking for legal expert witnesses, legal training/CPD providers, international law firms, administration of estates, legal software suppliers, barristers chambers or any other general legal service, the Legal Services Directory will provide a suitable option.
Visit Legal Services Directory
No comments yet